netbox-scanner/README.md

# Netbox Scanner

This repository includes a simple Dockerized network scanner and a NetBox importer.

## Services

- `scanner`: runs `scan.py` and saves scan results to `output/network.txt`
- `netbox-importer`: runs `ipscan-v2.py` and imports scan results into NetBox

## Files

- `scan.py`: performs Nmap scans for configured networks and writes `network.txt`
- `ipscan-v2.py`: imports scan results into NetBox using environment variables
- `docker-compose.yml`: defines `scanner` and `netbox-importer` services
- `Dockerfile`: installs Python and Nmap and copies both scripts into the container

## Usage

### Build and run the scanner

```bash
docker compose build
docker compose up scanner
```

The scan output is written to:

```bash
./output/network.txt
```

### Run the NetBox importer

```bash
docker compose up netbox-importer
```

## Configuration

### Scanner service

- `OUTPUT_PATH`: path to save results inside container (default: `/app/output/network.txt`)
- `SCAN_NETWORKS`: comma-separated CIDR networks to scan (default set in `scan.py`)

### NetBox importer service

- `NETBOX_URL`: NetBox API URL
- `NETBOX_TOKEN`: NetBox API token
- `NETWORKS`: comma-separated networks to scan
- `TENANT`: NetBox tenant name
- `SSL_VERIFY`: whether to verify SSL (`false`, `0`, `no` disable verification)
- `SCAN_SOURCE`: `env`, `netbox`, or `mixed` (use NetBox prefix data for scan networks)
- `NETBOX_PREFIX_STATUS`: optional prefix status filter for NetBox prefixes (for example `active`)

## Output format

The generated `network.txt` file includes scan results in this format:

```text
# network.txt generated on 2026-05-20T00:00:00Z
# host status open_ports
192.168.85.1 up 22 80
192.168.85.2 down
```

## Notes

- Ensure `nmap` is installed in the container via the provided `Dockerfile`.
- If you want to run both services together, use:

```bash
docker compose up scanner netbox-importer
```